Lucene search
RedhatCVE-2013-6441HistoryFeb 14, 2014 - 3:55 p.m.
CVE-2013-6441
2014-02-1415:55:05
CWE-264
redhat
web.nvd.nist.gov
41
cve-2013-6441
lxc
security
privilege escalation
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
Affected configurations
Node
linuxcontainerslxcRange≤0.9.0
ORlinuxcontainerslxcMatch0.1.0
ORlinuxcontainerslxcMatch0.2.0
ORlinuxcontainerslxcMatch0.2.1
ORlinuxcontainerslxcMatch0.3.0
ORlinuxcontainerslxcMatch0.4.0
ORlinuxcontainerslxcMatch0.5.0
ORlinuxcontainerslxcMatch0.5.1
ORlinuxcontainerslxcMatch0.5.2
ORlinuxcontainerslxcMatch0.6.0
ORlinuxcontainerslxcMatch0.6.1
ORlinuxcontainerslxcMatch0.6.2
ORlinuxcontainerslxcMatch0.6.3
ORlinuxcontainerslxcMatch0.6.4
ORlinuxcontainerslxcMatch0.6.5
ORlinuxcontainerslxcMatch0.7.0
ORlinuxcontainerslxcMatch0.7.1
ORlinuxcontainerslxcMatch0.7.2
ORlinuxcontainerslxcMatch0.7.3
ORlinuxcontainerslxcMatch0.7.4
ORlinuxcontainerslxcMatch0.7.4.1
ORlinuxcontainerslxcMatch0.7.4.2
ORlinuxcontainerslxcMatch0.7.5
ORlinuxcontainerslxcMatch0.8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linuxcontainers | lxc | * | cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.1.0 | cpe:2.3:a:linuxcontainers:lxc:0.1.0:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.2.0 | cpe:2.3:a:linuxcontainers:lxc:0.2.0:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.2.1 | cpe:2.3:a:linuxcontainers:lxc:0.2.1:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.3.0 | cpe:2.3:a:linuxcontainers:lxc:0.3.0:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.4.0 | cpe:2.3:a:linuxcontainers:lxc:0.4.0:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.5.0 | cpe:2.3:a:linuxcontainers:lxc:0.5.0:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.5.1 | cpe:2.3:a:linuxcontainers:lxc:0.5.1:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.5.2 | cpe:2.3:a:linuxcontainers:lxc:0.5.2:*:*:*:*:*:*:* |
| linuxcontainers | lxc | 0.6.0 | cpe:2.3:a:linuxcontainers:lxc:0.6.0:*:*:*:*:*:*:* |
Related
mageia
mageia
Updated lxc packages fix security vulnerability
2014-02-26 22:23:25
ubuntu
ubuntu
LXC vulnerability
2014-02-12 00:00:00
cvelist
cvelist
CVE-2013-6441
2014-02-14 15:00:00
ubuntucve
ubuntucve
CVE-2013-6441
2013-12-31 00:00:00
prion
prion
Design/Logic Flaw
2014-02-14 15:55:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0102)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2104-1)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0643-1)
2021-06-09 00:00:00
nessus
nessus
Ubuntu 13.10 : lxc vulnerability (USN-2104-1)
2014-02-13 00:00:00
SuSE 11.3 Security Update : lxc (SAT Patch Number 9084)
2014-05-15 00:00:00
Debian DLA-442-1 : lxc security update
2016-03-01 00:00:00
securityvulns
securityvulns
lxc protection bypass
2014-04-07 00:00:00
[USN-2104-1] LXC vulnerability
2014-04-07 00:00:00
debiancve
debiancve
CVE-2013-6441
2014-02-14 15:55:05
nvd
nvd
CVE-2013-6441
2014-02-14 15:55:05
debian
debian
[SECURITY] [DLA 442-1] lxc security update
2016-02-29 14:41:59
osv
osv
lxc - security update
2016-02-29 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-6441